Changes to the Privacy Act 1988 were heralded as the most significant in more than 25 years and granted greater power to both average Australians and the Australian Privacy Commissioner.
The privacy reforms, which aim to create greater transparency among corporations and Australian Government agencies about personal information is handled, also allow people greater access to information held about them and how it is used.
Australian Privacy Commissioner Timothy Pilgrim said the changes required companies to provide easy opt out mechanisms for people being targeted by direct marketing, as well as provide information on how their personal details were accessed.
“People will now be able to ask when they’re contacted by someone who’s direct marketing to them ‘how did you get my information and where did you get it from’,” he said.
“If they find that it’s been provided by a company that sells lists of people, they can then contact that organisation and say ‘I want you to take me off that list’… The average person will have a bit more control, certainly.”
The changes also affected access to personal credit information, which has been extended to include repayment history.
Mr Pilgrim said the reforms also allowed people greater access to their personal credit information, which could save Australians both time and money.
“Everybody has the right to see for free a copy of their credit file once a year,” he said.
“Unfortunately a lot of people don’t know that their credit file may show a default they weren’t aware of until they go and apply for credit.”
The reform also prohibited credit files being held on minors.
The changes were introduced amid an increase in complaints to the Commission, a spike that Mr Pilgrim attributed to greater awareness among Australians.
The Commission received 1496 privacy complaints in 2012-13, a number which has already increased by 30 per cent in the financial year to date.
Mr Pilgrim said the changes also provided enhanced powers for the Commission, allowing it to seek penalties for serious repeated privacy breaches of up to $1.7 million for organisations and $340,000 for individuals.
